Ransomlord is an open source tool that automates the creation of PE-files to protect against ransomware.
The tool was developed by Ransomlord, aka HYP3RRLINX, who stated, “I created RansMlord to demonstrate that hackers are not invincible, they make mistakes just like everyone else.”
Key features of the tool include:
- Utilizes DLL tactics commonly used by cybercriminals.
- Employs exploits to defend networks, with the first public disclosure being Lockbit MVID-2022-0572.
- Identifies vulnerabilities in malicious programs, allowing organizations to target specific threats.
- Assesses weaknesses in ransomware programs, prompting attackers to patch their code.
- Saves time and effort by addressing knowledge gaps in creating PE-files for defense.
- Protects against 49 ransomware families by exploiting vulnerabilities in twelve DLL-files.
- Targets trojans and data-stealing malware like Emotet MVID-2024-0684.
Ransomlord is available for free on GitHub.
/Reports, release notes, official announcements.